diff options
author | Yann Gautier <yann.gautier@foss.st.com> | 2021-08-16 11:58:01 +0200 |
---|---|---|
committer | Yann Gautier <yann.gautier@foss.st.com> | 2021-08-17 09:10:51 +0200 |
commit | 99080bd1273331007f0b2d6f64fed51ac6861bcd (patch) | |
tree | 7e3002a2eabc4e0a91cf146b9fb30be2ae4c4925 /plat/st | |
parent | 391828923fdd846ebc41745b72343b2a0b6a7204 (diff) | |
download | trusted-firmware-a-99080bd1273331007f0b2d6f64fed51ac6861bcd.tar.gz |
fix(plat/st): apply security at the end of BL2
Now that the DDR is mapped secured, the security settings (TZC400
firewall) have to be applied at the end of BL2 for the OP-TEE case.
This is required to avoid checskum computation error on U-Boot binary,
for which MMU and TZC400 would not be aligned.
Change-Id: I4a364f7117960e8fae1b579f341b9f140b766ea6
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Diffstat (limited to 'plat/st')
-rw-r--r-- | plat/st/stm32mp1/bl2_plat_setup.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/plat/st/stm32mp1/bl2_plat_setup.c b/plat/st/stm32mp1/bl2_plat_setup.c index 3e179fbbf8..b4c42fc06c 100644 --- a/plat/st/stm32mp1/bl2_plat_setup.c +++ b/plat/st/stm32mp1/bl2_plat_setup.c @@ -153,8 +153,6 @@ void bl2_platform_setup(void) #ifdef AARCH32_SP_OPTEE INFO("BL2 runs OP-TEE setup\n"); - /* Initialize tzc400 after DDR initialization */ - stm32mp1_security_setup(); #else INFO("BL2 runs SP_MIN setup\n"); #endif @@ -384,4 +382,9 @@ int bl2_plat_handle_post_image_load(unsigned int image_id) return err; } + +void bl2_el3_plat_prepare_exit(void) +{ + stm32mp1_security_setup(); +} #endif |